<?php
if (!defined('IN_D')) die("Error 404");
if($cmd[1]=="user" && $cmd[2]=="change_info"){
$user_id=$_SESSION['ses_user_id'];
if(isset($_POST['sb_change_info'])){
$warn='';
	$ext_arr = array(
		'gif',
		'jpg',
		'jpeg',
		'png',
	);
$change_pwd = false;
			$oldpwd= stripslashes($_POST['u_oldpwd']);
			$new_pwd1 = stripslashes($_POST['u_newpwd_1']);
			$new_pwd2 = stripslashes($_POST['u_newpwd_2']);
			$email = stripslashes(trim($_POST['u_email']));
			$ym_nick = stripslashes(trim($_POST['u_yahoo']));
			$hide_sex = addslashes(($_POST['hide_sex'])?1:0);
			$hide_email = addslashes(($_POST['hide_email'])?1:0);
			$hide_info = $hide_sex.$hide_email;
			$hide_info = bindec($hide_info);
			$local=$func->htmlchars(stripslashes(trim($_POST['u_local'])));
		$up=$_FILES['file_avatar'];
		if(isset($up) && is_uploaded_file($up['tmp_name'])){
			$ext=$func->get_ext($up['name']);
			$img_wh=getimagesize($up['tmp_name']);
			if (!in_array($ext,$ext_arr)){
				$warn.="<b>{$lang['error']}</b> : {$lang['not_support_this_file']}<br>";
			}
			elseif($up['size']>204800)
				$warn.="<b>{$lang['error']}</b> : {$lang['exceed_size_allowed']} - 200kb<br>";
			elseif($img_wh[0]>128 || $img_wh[1]>128)
				$warn.="<b>{$lang['error']}</b> : {$lang['exceed_img_size_allowed']} - 128 x 128px<br>";
			else{
			$func->del_local_img("avatar",$user_id);
			 $rename=time().".".$ext;
			 if($ext=="gif"){
			 	move_uploaded_file($up['tmp_name'], $conf['dir_avatar']."/".$rename);
			 }else{
			  	$cache_file="cache/".$rename;
			 	move_uploaded_file($up['tmp_name'], $cache_file);
			 	$func->img_resize( $cache_file ,128,128,$conf['dir_avatar'],$rename);
				unlink($cache_file);
			}
			  $u_avatar=$rename;
		  	}
		}
			
	if(!$func->check_email($email)) $warn.=$lang['wrong_email'].'<br />';	
	if ($oldpwd && $new_pwd1) {
		$change_pwd = true;
		if($new_pwd1!=$new_pwd2)
		  $warn.=$lang['pass_not_match'].'<br />';
		   else{ 
				$newpwd = md5(md5($new_pwd1));
				$q = $DB->query("SELECT u_id FROM ".$conf['prefix']."user WHERE u_id = '".$user_id."' AND u_password = '".md5(md5($oldpwd))."'");
				if ($DB->num_rows($q)) {
					$DB->query("UPDATE ".$conf['prefix']."user SET u_password = '".$newpwd."' WHERE u_id = '".$user_id."'");
				}
				else $warn .= $lang['wrong_old_pwd'].'<br />';
		   }
	}
	
	if ($warn){ 
		$ann_html = $tpl->get_tpl('user_change_info');
		$warn="<center><b>{$lang['error']}</b> : <br>{$warn}</center>";
		$ann_html=$tpl->assign_vars($ann_html,array(
					'user.WARNING'	=> $warn,
					'user.EMAIL'		=> $email,
					'user.HIDE_EMAIL'	=> $hide_email?"checked='checked'":"",
					'user.SEX'			=> ($func->get_data("user",$user_id,"u_sex")==1)?$lang['male']:$lang['female'],
					'user.HIDE_SEX'		=> $hide_sex?"checked='checked'":"",
					'user.LOCAL'		=> $func->unhtmlchars($local),
					'user.YM'			=> $ym_nick,
					'user.AVATAR'		=> $func->get_img("avatar",$user_id),
			)
		);
	}
	else{
		$DB->query("UPDATE ".$conf['prefix']."user SET u_hide_info = '".$hide_info."', u_email = '".$email."', u_local='".$local."',u_avatar='".$u_avatar."' WHERE u_id = '".$user_id."'");
		if ($change_pwd) {
			$DB->query("UPDATE ".$conf['prefix']."user SET u_lastvisit = '".NOW."', u_identifier = '', u_timeout = '', u_ip = '', u_online = 0 WHERE u_id = '".$user_id."'");
			
		} 
		$ann_html=$tpl->get_tpl("announcement");
		$warn='<center><b>'.$lang['change_user_info_success'].'</center>';
		$ann_html=$tpl->assign_vars($ann_html,array(
				'ann.CONTENT'	=> $warn
			)
		);
	}

	$main_content=$ann_html;
}else{
	 $q = $DB->query("select * from {$conf['prefix']}user where u_id='{$user_id}'");
	 if($u=$DB->fetch_row($q)){
				$html = $tpl->get_tpl('user_change_info');
				$hide_info=$func->get_data("user",$user_id,"u_hide_info");
				$html = $tpl->assign_vars($html,array(
						'user.WARNING'		=> '',
						'user.EMAIL'		=> $u['u_email'],
						'user.HIDE_EMAIL'	=> $hide_info['hide_email']?"checked='checked'":"",
						'user.SEX'			=> ($u['u_sex']==1)?$lang['male']:$lang['female'],
						'user.HIDE_SEX'		=> $hide_info['hide_sex']?"checked='checked'":"",
						'user.LOCAL'		=> $func->unhtmlchars($u['u_local']),
						'user.YM'			=> $func->unhtmlchars(stripslashes($u['u_ym'])),
						'user.AVATAR'		=> $func->get_img("avatar",$user_id),
					)
				);
			$main_content=$html;
	 }
 }
}

if($cmd[1]=="user" && is_numeric($cmd[2])){
$user_id=(int)$cmd[2];
 $q = $DB->query("select * from {$conf['prefix']}user where u_id={$user_id}");
 if($u=$DB->fetch_row($q)){
			$html = $tpl->get_tpl('user_home');
				$hide_info=$func->get_data("user",$user_id,"u_hide_info");
				$user_name=$func->unhtmlchars($u['u_name']);
			$html = $tpl->assign_vars($html,array(
					'user.NAME'			=> $user_name,
					'user.LEVEL'		=> $func->user_level($user_id),
					'user.LOCAL'		=> $func->unhtmlchars($u['u_local']),
					'user.EMAIL'	=> $hide_info['hide_email']?"":$func->unhtmlchars($u['u_email']),
					'user.SEX'		=> $hide_info['hide_sex']?"":($u['u_sex']==1?$lang['male']:$lang['female']),
					'user.YM'			=> $u['u_ym']?$func->unhtmlchars(stripslashes($u['u_ym'])):$lang['unknown'],
					'user.REGDATE'	=> $u['u_regdate'],
					'user.AVATAR'	=> $func->get_img("avatar",$user_id),
				)
			);
	 $title_web_bar=$lang['home_of']." ".$user_name;
	 $title_ascii_web_bar=$func->utf8_to_ascii($lang['home_of']." ".$user_name);
 }else $html=box_announcement($lang['no_data']);
	 $main_content=$html;
	
}


if($cmd[1]=="user" && $cmd[2]=="list"){
if(!$cmd[3]) $cmd[3]=1;
$limit=($cmd[3]-1)*$conf['media_per_page'];
 $q = $DB->query("select * from {$conf['prefix']}user order by u_id desc limit {$limit},{$conf['media_per_page']}");
 $q_total = $DB->query("select * from {$conf['prefix']}user order by u_id desc");
 $total=$DB->num_rows($q_total);
 if($total){
 	$ro = $tpl->get_tpl('list_user');	
	$t['row'] = $tpl->get_block_from_str($ro,'list_user.row',1);
	$html='';
	 while($u=$DB->fetch_row($q)){
					$hide_info=$func->get_data("user",$u['u_id'],"u_hide_info");
					$user_name=$func->unhtmlchars($u['u_name']);
				$html.= $tpl->assign_vars($t['row'],array(
						'user.NAME'			=> $user_name,
						'user.LOCAL'		=> $func->unhtmlchars($u['u_local']),
						'user.EMAIL'	=> $hide_info['hide_email']?"":$func->unhtmlchars($u['u_email']),
						'user.SEX'		=> $hide_info['hide_sex']?"":($u['u_sex']==1?$lang['male']:$lang['female']),
						'user.YM'			=> $u['u_ym']?$func->unhtmlchars(stripslashes($u['u_ym'])):$lang['unknown'],
						'user.REGDATE'	=> $u['u_regdate'],
						'user.AVATAR'	=> $func->get_img("avatar",$u['u_id']),
						'user.URL'		=> $func->change_link("user",$u['u_id'],$func->title_2_ascii($user_name,true)),
						'user.LANG_REG_DATE'	=> $lang['register_date'],
						'user.LANG_EMAIL'	=> $lang['email'],
						'user.LANG_LOCAL'	=> $lang['local'],
					)
				);
	
	 }
	 
	$ro = $tpl->assign_blocks_content($ro,array(
			'list_user'	=>	$html
		)
	);
	$ro = $tpl->assign_vars($ro,array(
			'user.PAGES'	=>	$func->viewpages($total,$conf['media_per_page'],$cmd[3],$func->title_2_ascii($lang['list_user'],true)),	
			'user.TOTAL'	=> $lang['total']." <b>".$total."</b> ".$lang['member'],
		)
	);
 
	 $title_web_bar=$lang['list_user'];
	 $title_ascii_web_bar=$func->utf8_to_ascii($lang['list_user']); 
 }else $ro=box_announcement($lang['no_data']);
	 $main_content=$ro;
	
}

if($cmd[1]=="register"){
$html = $tpl->get_tpl('register');
	if(isset($_POST['do_register'])){
			$warn = '';
			$reged=false;
			$name = $func->htmlchars(stripslashes(trim($_POST['reg_name'])));
			$pwd = stripslashes($_POST['reg_pwd']);
			$conf_pwd = stripslashes($_POST['reg_pwd2']);
			$sec_num = stripslashes($_POST['sec_num']);
			$email = addslashes(trim($_POST['reg_email']));
			$sex = (addslashes($_POST['reg_sex']))?addslashes($_POST['reg_sex']):1;
			$ym_nick = addslashes(trim($_POST['reg_yahoo']));
			$hide_sex = (addslashes($_POST['hide_sex']) == '1')?1:0;
			$hide_email = (addslashes($_POST['hide_email']) == '1')?1:0;
			$hide_info = $hide_sex.$hide_email;
			$hide_info = bindec($hide_info);
			$local=$func->htmlchars(stripslashes(trim($_POST['reg_local'])));
			$agree=$_POST['agree'];
			$reg_date=date("Y-m-d",NOW);
			$q=$DB->query("SELECT u_id FROM {$conf['prefix']}user WHERE u_name='{$name}'");
			$exist=$DB->num_rows($q);
			if(!$name || !pwd || !$email || !$sec_num)
				$warn.=$lang['not_empty_sticked']."<br>";
			elseif(!$agree)
				$warn.=$lang['u_not_agree_rules'];
			elseif(strlen($name)<3)
				$warn.=$lang['username_not_shorter_3'];
			elseif($exist)
				$warn.=$lang['username_existed'];
			elseif($pwd!=$conf_pwd)
				$warn.=$lang['pass_not_match'];
			elseif($sec_num!=$_SESSION['sec_num_img'])
				$warn.=$lang['sec_num_not_match'];
			if(empty($warn)){
				$pwd=md5(md5($pwd));
				$q=$DB->query("INSERT INTO {$conf['prefix']}user(u_name,u_password,u_email,u_sex,u_regdate,u_local,u_ym,u_hide_info) VALUES('{$name}','{$pwd}','{$email}','{$sex}','{$reg_date}','{$local}','{$ym_nick}','{$hide_info}')");
				if($q) $reged=true;
			}
			
	}
		if(!$reged || !$logged_in){
			$html = $tpl->assign_vars($html,array(
					'reg.SEC_NUM'		=> "<img src='{$conf['web_url']}/?act=img&security=1' border=0 />",
					'reg.ERROR'			=> $warn?$warn:"",
					'reg.USERNAME'		=> $name,
					'reg.EMAIL'			=> $email,
					'reg.YM_NICK'		=> $ym_nick,
					'reg.LOCAL'			=> $func->unhtmlchars($local),
				)
			);
		}
		if($logged_in)	
		$html = $tpl->assign_blocks_content($html,array(
				'is_logged' => "<center><font color=red><b>{$lang['u_logged']}</b></font></center>",
			)
		);
		elseif($reged)	
		$html = $tpl->assign_blocks_content($html,array(
				'is_logged' => "<center><font color=red><b>{$lang['u_reg_success']}</b></font></center>",
			)
		);
		$main_content=$html;
		 $title_web_bar=$lang['register'];
		 $title_ascii_web_bar=$func->utf8_to_ascii($lang['register']); 

}
if($cmd[1]=="user" && $cmd[2]=="login"){
	if(isset($_POST['start_login'])){
		$warn='';
		   if(!$_POST['user'] || !$_POST['pass'])
			  $warn.=$lang['username_pwd_not_empty'];
		   $_POST['user'] = addslashes(trim($_POST['user']));
		   if(strlen($_POST['user']) > 30)
			  $warn.=$lang['username_not_longer_30'];
		 if(empty($warn)){
		 	$password=trim(addslashes($_POST['pass']));
			$md5pass = md5(md5($password));
			$username = stripslashes(trim(urldecode($_POST['user'])));
		   $q = $DB->query("select u_id from {$conf['prefix']}user where u_name = '{$username}' and u_password='{$md5pass}'");
			if (!$DB->num_rows($q)) {
				if ($func->check_random_str($password,15))
					$q = $DB->query("SELECT u_id FROM ".$conf['prefix']."user WHERE u_name = '".$username."' AND (u_new_password = '".$password."' AND u_new_password <>'')");
				
				if (!$DB->num_rows($q))	
					 $warn=$lang['wrong_user_or_pass'];
			}
			if(empty($warn)){
				$r = $DB->fetch_row($q);
				$_SESSION['ses_user_id'] = $r['u_id'];		
				$salt = $func->random_str();
				$identifier = md5($salt.IP.$r['u_id'].$salt);
				 if(isset($_POST['remember_me']))
					$timeout= NOW + 60 * 60 * 24 * 365;
				 else
					$timeout = NOW + 2*60*60;
				m_setcookie('C_USER', $identifier,$timeout);
				$DB->query("DELETE FROM ".$conf['prefix']."online WHERE sid = '".SID."'");
				$DB->query("UPDATE ".$conf['prefix']."user SET u_online = 1, u_ip = '".IP."', u_identifier = '".$identifier."', u_timeout = '".$timeout."' WHERE u_id = '".$r['u_id']."'");
	
				$html = $tpl->get_tpl('redirect');
				$roj="<strong>{$lang['thanks']}, <font color='blue'>{$_POST['user']}</font> {$lang['logged_success']}</strong>";
				$html = $tpl->assign_vars($html,array(
						'redi.CONTENT' => $roj,
						'redi.URL'		=> $conf['web_url'],
					)
				);
				 echo $tpl->parse_tpl($html);
				 exit();
			} 
		}
			$main_content=box_announcement($warn);
	}
}
if($cmd[1]=="user" && $cmd[2]=="logout"){
	$DB->query("UPDATE ".$conf['prefix']."user SET u_lastvisit = '".NOW."', u_identifier = '', u_timeout = '', u_ip = '', u_online = 0 WHERE u_id = '".$_SESSION['ses_user_id']."'");
	setcookie('C_USER', '', 0);
		$html = $tpl->get_tpl('redirect');
			$roj="<strong>{$lang['logged_out']}</strong>";
				$html = $tpl->assign_vars($html,array(
						'redi.CONTENT' => $roj,
						'redi.URL'		=> $conf['web_url'],
					)
				);
				echo $tpl->parse_tpl($html);
				 exit();
}

if($cmd[1]=="user" && $cmd[2]=="forgot"){
	if($_POST['submit_forgot']){
		$warn = '';
		$email = addslashes(trim($_POST['email']));
		$q = $DB->query("SELECT u_name FROM ".$conf['prefix']."user WHERE u_email = '".$email."'");
		if ($DB->num_rows($q)) {
			$r = $DB->fetch_row($q);
			$user_name = $r['u_name'];
			$new_password = $func->random_str(15);
			$web_email = $conf['web_email'];
			$title = $conf['web_title']." : {$lang['your_new_pass']}";
			$header = $func->build_mail_header($email,$web_email);
			$content = "{$lang['hello']} <b>".$user_name."</b>,<br>".
				"{$lang['your_new_pass']} : <b>".$new_password."</b> <br>".
				"<a href='".$conf['web_url']."'><b>".$conf['web_title']."</b></a>";
			if ( mail($email,$title,$content,$header) ) {
				$DB->query("UPDATE ".$conf['prefix']."user SET u_new_password = '".$new_password."' WHERE u_name = '".$user_name."'");
			}
			else $warn .= $lang['host_not_support_mail'];
		}
		else $warn .= $lang['this_email_not_exist'];
		if ($warn){ 
			$ro=$tpl->get_tpl("forgot_password");
			$ro=$tpl->assign_vars($ro,array(
						'forgot.WARN'	=> "<b>{$lang['error']} : </b><br>".$warn,
					)
				);
		$main_content=$ro;
		
		}
		else $main_content=box_announcement($lang['new_pass_sent_mail']);
	}
	else{
		$ro=$tpl->get_tpl("forgot_password");
		$ro=$tpl->assign_vars($ro,array(
						'forgot.WARN'	=> '',
					)
		);
		$main_content=$ro;
	}
	$title_web_bar=$lang['forgot_pass'];
	$title_ascii_web_bar=$func->utf8_to_ascii($lang['forgot_pass']);
}
?>